In 1977, President Carter signed the Foreign Corrupt Practices Act (FCPA) into law to outlaw the bribery of foreign government officials by the private sector. And then ... nothing happened. Not for a while, anyway. The government brought cases here and there, but the statute effectively lay dormant for years. After three-and-a-half decades and several expansions, that of course has changed.

In the past decade, the government’s enforcement of the FCPA has ballooned. The regime is substantial and aggressive enough that now U.S. companies doing any sort of business overseas—and even foreign companies with ties to U.S. securities markets and foreign government officials themselves—are well aware of the risks they face if a company executive or employee is found to have bribed a foreign official. And as the U.S. government has fought corruption, it has raised awareness of the FCPA in other countries, many of which have enacted and now enforce their own anti-bribery laws and have signed on to the Organisation for Economic Co-operation and Development’s (OECD) Anti-Bribery Convention to indicate their commitment to implementing and enforcing anti-bribery laws and regulations.

“Our partners around the world are doing so much more than ever before, and I like to think it’s because of the leadership the U.S. has shown, but … if regulators and prosecutors get involved in complementary regulatory regimes in different countries, it is in fact going to be even more affirming for each of the respective countries—they’ll help one another,” says Lanny Breuer, who stepped down as head of the Department of Justice’s (DOJ) Criminal Division on March 1 and rejoined his former law firm, Covington & Burling. (At press time the division’s next assistant attorney general had not yet been appointed.) Eight of the 10 largest FCPA penalties in history were doled out on Breuer’s watch. Although some critics may grumble that his division’s approach to FCPA enforcement was either too lenient or overbroad, the uptick during his tenure in enforcement and awareness of anti-bribery provisions in the U.S. and abroad is undeniable.

Breuer’s not just patting himself on the back on the U.S. leadership front: An October 2011 article by Sarah Kaczmarek and Abraham Newman in the journal “International Organization” asserted a strong statistical connection between U.S. prosecutors employing the extraterritorial reach of the FCPA to other countries and those countries going on to implement and enforce their own national policies. Last year, the general counsel of Siemens AG—the German company that paid $800 million, still the record, to settle FCPA charges in 2008—told the New York Times that the case “woke up a lot of people in Europe.”

A Helpful Handbook

Along with his division’s contributions to raising awareness, Breuer is most proud of the November 2012 joint DOJ-Securities and Exchange Commission (SEC) FCPA guidance document, written with input from the State and Commerce Departments.

“I’m very proud of it. We dedicated a year to providing the guidance,” he says. “I don’t think the department has ever taken on that kind of an obligation before.”

The guidance is a 130-page compendium of the government’s take on applying the FCPA and handling its enforcement. It offers advice on a broad number of FCPA-related topics: What’s a foreign official? What kind of gifts and entertainment expenses are considered proper? How does successor liability work in the M&A context?

The guidance includes some insight into the government’s view of what constitutes a robust compliance program for purposes of government credit. As numerous government officials have stated, the government’s goal is to create a “culture of compliance” amongst companies, not just to encourage a written program.

Without naming the company, the guidance cites the example of Morgan Stanley & Co. Inc. Former Morgan Stanley Managing Director Garth Peterson was charged with FCPA violations, but after an investigation, the government declined to prosecute the company because of its “robust compliance program and good faith enforcement of it.” The compliance program included extensive FCPA training, and extensive due diligence on transactions and parties with which it carried them out. Morgan Stanley also cooperated with the investigation and, notably, self-reported the violation once it was discovered.

“Many people are wondering how they can obtain the benefit of a compliance program,” says William Sullivan, former assistant U.S. attorney for the District of Columbia. Sullivan now is partner at Pillsbury Winthrop Shaw Pittman. “[There’s the] understanding that while it doesn’t operate as an affirmative defense, a good compliance program is certainly a mitigator. … The issue is, can you really only get the benefit of a robust compliance defense through a voluntary disclosure?”

The debate is part of an ongoing discussion in the legal and business communities about how companies can best evaluate their options when it comes to deferred prosecution agreements (DPAs) and nonprosecution agreements (NPAs), deals in which authorities give companies credit for self-reporting, cooperation in investigations and self-remediation.

Self-Reporting and the SEC

When a company uncovers a potential FCPA violation, the decision of whether to self-report can be fraught. Many decide that self-reporting is the best way to mitigate any damage, but in recent years, the pendulum has swung the other way. Many companies are unsure of whether they would get credit sufficient enough to report a potential violation that authorities might never discover on their own. And then there is the issue of the SEC.

The vast majority of the FCPA-related DOJ enforcement actions are resolved with NPAs and DPAs. In contrast, the SEC entered into its first-ever FCPA-related NPA in a deal with Ralph Lauren Corp. announced April 22. The SEC’s enforcement arm gained the authority to enter into such agreements in 2010 and has entered into only one DPA, in a May 2011 deal.

“The DOJ has been giving nonprosecution agreements for a while, but given the DOJ and SEC’s dual enforcement powers, you would sometimes see people self-reporting to the DOJ and then the SEC coming in and deciding not to do a nonprosecution agreement and instead bringing charges,” says Stephen Miller, a member of Cozen O’Connor and former federal prosecutor in the Southern District of New York (SDNY) and the Eastern District of Pennsylvania.

This first-time NPA from the SEC is “a signal to the business community that there really is a benefit to self-reporting,” he says.

Ralph Lauren discovered bribes that a subsidiary paid to government officials in Argentina in the course of an internal review and reported the activity to the SEC within two weeks. In addition to self-reporting, the SEC credits the company with “extensive, thorough, and real-time cooperation … [that] saved the agency substantial time and resources.” The SEC also gave credit to Ralph Lauren for its “significant remedial measures,” such as establishing a comprehensive new compliance program throughout its operations. And significantly, Ralph Lauren ceased its operations in Argentina. As part of the NPA, it will disgorge more than $700,000 in illicit profits and interest connected to the bribes, and in a parallel DOJ NPA, it will pay a penalty of more than $800,000.

“The NPA in this matter makes clear that we will confer substantial and tangible benefits on companies that respond appropriately to violations and cooperate fully with the SEC,” George Canellos said in the SEC release announcing the deal. Canellos and Andrew Ceresney were named co-directors of the SEC’s Division of Enforcement the day the Ralph Lauren NPA became public, and the SEC’s new chairman, Mary Jo White, was sworn in April 10. Statements surrounding the Ralph Lauren action suggest the new regime plans to make use of its relatively new enforcement tools.

“The SEC had to put in place and vet a procedure that would allow them to pursue this middle ground,” says Robertson Park, a partner in Murphy & McGonigle and 20-year veteran of the DOJ Criminal Division’s Fraud Section. “Now that it’s in place, I suspect we’ll see more regular, routine use of nonprosecution and deferred prosecution agreements with the SEC’s joint resolutions going forward.”

The debate over self-reporting remains unsettled. Although Ralph Lauren got the benefit of the NPA, it still was required to investigate all 95 of its subsidiaries for a problem that arose from one or two rogue actors in a single subsidiary.

“They might have done just as well by handling it internally—taking care of it, revamping their compliance program, firing the wrongdoers and moving on,” Sullivan says. “It’s an open topic of discussion today.”

An Individual Focus

Although Morgan Stanley escaped prosecution due to its compliance program, its former managing director was sentenced in August 2012 to nine months in prison—one victory in the government’s stated intention to bring more FCPA cases against individuals, not just the companies for which they work. Around 2007 to 2008, there was a sharp increase in the number of FCPA cases the DOJ and SEC brought against individuals.

“From the government’s perspective, there’s no question that over the past four years there was a focus on prosecuting not just companies but individuals … I’m quite confident that will continue,” says Breuer. Under his leadership, the DOJ convicted a record three dozen individuals for FCPA-related offenses.

Park sees the focus on individuals as the next step in a natural progression: First, authorities made FCPA criminal enforcement a central priority, and the increased effort to go after individuals is “part of the maturing of the whole FCPA enterprise,” he says.

Why? Cases against individuals are clearly the best deterrent to bribery.

“Nobody in the corporate world likes to pay a big fine, but it almost becomes a cost of doing business. But you throw a couple of executives in jail in the U.S.—that’s going to catch people’s attention in a much more significant way than a $100 million fine,” says David Raskin, a partner at Clifford Chance and a former assistant U.S. attorney in the SDNY. One of Raskin’s last acts as an assistant U.S. attorney was heading the investigation that led to the December 2011 indictment of several Siemens executives.

However, bringing cases against individuals is much harder for the government for one main reason: The individuals fight back. “The DOJ wanted to bring these cases, but it wasn’t up for it. They didn’t have the guns to carry out what are very, very difficult cases against individuals who are fighting for their lives,” one former prosecutor says. Then when the government did start to ramp up its focus on individuals, it faced a string of notable failures. “It was one disaster after another,” as one lawyer describes it. In the so-called Africa Sting, which ensnared 22 people for FCPA violations, a judge dismissed most of the case before a jury handed out acquittals on the remaining charges. The DOJ touted the convictions it won against Lindsey Manufacturing Co.’s president and CFO—but a judge later threw them out for government misconduct in the investigation and trial, and the DOJ went on to drop its appeal in the case.

The government has also seen success, “certainly in convincing individuals to plead guilty, and there are some notable cases set for or approaching trial,” says Hogan Lovells Partner Peter Spivack, a former federal prosecutor in the Central District of California.

In one FCPA case against an individual executive, his defense lawyers are aiming for a judgment in federal appeals court that could revamp the government’s treatment of the statute. (It’s worth noting that because cases against individuals are far more likely to go to trial and lead to a judgment, they provide more opportunities for outcomes leading to precedent negative to the government.)

A Debated Definition

Joel Esquenazi is the former president of Terra Telecommunications Corp. He was convicted along with another former Terra executive of FCPA violations stemming from payments from Terra to Haiti Teleco, which Haiti’s national bank owned shares in and for which the Haitian government appointed board members and directors. In October 2011, Esquenazi received a 15-year sentence, the longest a court has ever given an individual in a case involving FCPA violations. The other executive, Carlos Rodriguez, received a seven-year sentence, and seven other individuals charged in the case pleaded guilty. Esquenazi and Rodriguez are challenging the way the government defined a foreign official in their cases in appeals currently pending before the 11th Circuit, which recently delayed oral arguments in the appeals until this summer.

Esquenazi’s appeal argues that the statute is unconstitutionally vague. The theory marks the first-ever constitutional challenge to the FCPA, according to one of Esquenazi’s lawyers in the appeal, Markus Funk, who is a partner at Perkins Coie and former federal prosecutor in Chicago.

Who constitutes a “foreign official” for FCPA purposes is a central question in the appeal as well as for companies grappling with FCPA compliance. “The government’s view is that everybody is,” Spivack says.

In past cases, companies have faced enforcement actions for payments to executives of state-owned oil companies, officials of state-owned and -controlled oil companies, and doctors who are part of state-controlled health systems.

A major defense theory in the Lindsey Manufacturing case was that the bribed officials “acted like, talked like, thought like, smelled like private-sector individuals,” Spivack says, and thus shouldn’t have been considered representatives of a state-owned entity. There are plenty of examples of entities that have state investment but act like private-sector entities.

Business groups such as the U.S. Chamber of Commerce have lobbied to amend the FCPA for clarity.

“There’s never been a definitive and helpful definition,” Spivack says. “Instead, the government’s view has always been that you have to look at many factors and make a determination.”

The FCPA resource guide provides a list of factors the DOJ and SEC consider in determining whether a given individual falls under the “foreign official” definition, which the statute outlines as “any officer or employee of a foreign government or any department, agency, or instrumentality thereof, or of a public international organization,” or any person “acting in an official capacity” for or on behalf of such an organization or any public international organization.

Esquenazi’s appeal tries to pick apart the flaws in the government’s definition of an “instrumentality of a foreign government.” The central argument of his brief to the 11th Circuit declares that “the government’s untethered definition of ‘instrumentality’ cannot stand.”

“The claim that a government owning shares in a company like Haiti Teleco, without more, somehow converts a company into an ‘instrumentality’ of a foreign government stretches the English language beyond its breaking point,” Funk says. “The term ‘instrumentality’ should at a minimum mean that the company or organization is doing something for or at the direction of the government.”

Breuer, of course, disagrees. He was head of the DOJ’s Criminal Division when Esquenazi was indicted in 2009, and in the government’s reply brief in the Esquenazi and Rodriguez appeals, he helped shape the government’s vigorous defense of the statute’s constitutionality and of the government’s interpretation—which leads back to the FCPA guidance document.

“In any statute, there will be questions as to whether something is vague, but I don’t agree with lawyers who think there is a constitutional infirmity with respect to the statute,” Breuer says. “In general, it’s pretty clear what a foreign official is, and in the guidance the department goes to great pains in discussing some of those factors.”

No matter the outcome of the Esquenazi appeal, all signs suggest that robust FCPA enforcement in the U.S. and abroad is here to stay. As Breuer puts it, authorities will continue to let the facts take them where the facts will take them.

“The notion of fighting corruption and not allowing private entities to bribe officials has become a core principle for the administration and for the [DOJ], and we’ll continue to see in the coming years rigorous enforcement of that,” Breuer says.